Hi, My question is on functionalities of the ALG used with NAT in SIP networks with security mechanisms like TLS and/or IPSec. Please read the following paragraphs first.
The NAT (Network Address Translator) modifies IPv4 addressing, and takes special care of protocols such as UDP and TCP to avoid port conflicts and it may also carry out port number translation. When NAT is used in SIP networks, the IPv4 address is copied into the protocol data and thus becomes impossible for the NAT to translate it without using an ALG (Application Level Gateway). The ALG performs special translation not only for the IP addresses and port numbers but also within the payload (voice/data). As new protocols are created, new ALGs may have to be added in order for the applications to work. My question : In the above scenario (NAT used in SIP networks), if the security mechanisms TLS and IPSec are used, what functionalities should the ALG have? The main task of the ALG is to take care of the addresses and port numbers changed by NAT. But, these addresses and port numbers are encypted and encapsulated by IPSec and TLS mechanisms. How does ALG work in this situation? Also, please provide me any information or example implementations or white papers on the above scenario. Lots of thanks, - sunil vatnal _______________________________________________ Sip-implementors mailing list [EMAIL PROTECTED] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
